Thanks Chuck, that's what I thought - we'll attempt contacting
"winning" registrar Internet Domain Registrars and try to investigate with
them:
1) How did they as winning registrar authenticate transfer request
2) Who initiated it
I think the chances on receiving response are slim but then we do have a
good contact
email address for chief compliance officer at ICANN
cheers
Genie
----- Original Message -----
From: "Charles Daminato" <[EMAIL PROTECTED]>
To: "genie" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Saturday, June 23, 2001 10:42 AM
Subject: Re: can we track who requested Transfer Away from OpenSRS?
> Genie,
>
> There is no way to find out who the requestor is, as all we are doing is
> parsing the registry notification of domain transfers, and sending an
> email to the correspondent. All we get is the 'gaining' registrar, and
> the domain name.
>
> Charles Daminato
> TUCOWS Product Manager
> [EMAIL PROTECTED]
>
> On Sat, 23 Jun 2001, genie wrote:
>
> > Also, there is NO WAY that this hijacker could have authenticated the
> > request at Internet Domain Registrars side - since the domain in
question
> > has a valid email address of our Customer.
> >
> > That makes me question Internet Domain Registrars security processes if
they
> > DO NOT AUTHENTICATE transfer requests properly and just send those out -
> > this is against ICANN rules! Time to contact [EMAIL PROTECTED] me
> > thinks.
> >
> > cheers
> > Genie
> > eyeondomain.com
> >
> >
> > ----- Original Message -----
> > From: "opensrs" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Saturday, June 23, 2001 5:42 AM
> > Subject: RE: can we track who requested Transfer Away from OpenSRS?
> >
> >
> > > same here. it just happened on wednesday
> > >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED]]On Behalf Of genie
> > > Sent: Friday, June 22, 2001 11:04 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: can we track who requested Transfer Away from OpenSRS?
> > >
> > >
> > > A customer of ours just received transfer away request from OpenSRS
> > request
> > > for one of their domains....
> > >
> > > They have not applied for it and suspect someone is trying to hijack
their
> > > domain... the OpenSRS message does not disclose anything about the
party
> > > attempting to do transfer away request.
> > >
> > > <snip>
> > > A request has been received to transfer the domain ****.com
> > > away from the Registrar Tucows. This request was entered at
22-Jun-2001
> > > 14:12:02 by Internet Domain Registrars If this is a valid request
and
> > > you ...
> > > <snip>
> > >
> > > Is there a way we/customer can get more details (email address...
name...
> > > anything?) on the requestor? It would be nice to be able to track
them
> > > down.
> > >
> > > cheers
> > > Genie Livingstone
> > > eyeondomain.com
> > >
> > >
> >
> >
> >
>
>
>
